diff --git a/bash-memmove.patch b/bash-memmove.patch new file mode 100644 index 0000000..bdc299a --- /dev/null +++ b/bash-memmove.patch @@ -0,0 +1,19 @@ +Author: Bernhard M. Wiedemann +Date: 2018-07-07 + +strcpy can cause corruption when working on overlapping strings +so we use memmove instead that handles this case correctly + +Index: bash-4.4/support/man2html.c +=================================================================== +--- bash-4.4.orig/support/man2html.c ++++ bash-4.4/support/man2html.c +@@ -1992,7 +1993,7 @@ unescape (char *c) + while (i < l && c[i]) { + if (c[i] == '\a') { + if (c[i+1]) +- strcpy(c + i, c + i + 1); /* should be memmove */ ++ memmove(c + i, c + i + 1, strlen(c + i)); + else { + c[i] = '\0'; + break; diff --git a/bash.changes b/bash.changes index 821463d..638e333 100644 --- a/bash.changes +++ b/bash.changes @@ -1,7 +1,12 @@ +------------------------------------------------------------------- +Sat Jul 7 05:03:48 UTC 2018 - bwiedemann@suse.com + +- Add bash-memmove.patch to make bash.html build reproducible (boo#1100488) + ------------------------------------------------------------------- Mon Jun 4 09:21:15 UTC 2018 - werner@suse.de -- In patch bash-4.4.dif avoud setgroups(2) but use initgroups(3) (boo#1095670) +- In patch bash-4.4.dif avoid setgroups(2) but use initgroups(3) (boo#1095670) ------------------------------------------------------------------- Sat Jun 2 17:17:13 UTC 2018 - avindra@opensuse.org diff --git a/bash.spec b/bash.spec index 801a84b..c6dbb09 100644 --- a/bash.spec +++ b/bash.spec @@ -83,6 +83,7 @@ Patch47: bash-4.3-perl522.patch Patch48: bash-4.3-extra-import-func.patch # PATCH-EXTEND-SUSE Allow root to clean file system if filled up Patch49: bash-4.3-pathtemp.patch +Patch50: bash-memmove.patch %global _sysconfdir /etc %global _incdir %{_includedir} %global _ldldir /%{_lib}/bash @@ -224,6 +225,7 @@ done %patch48 -b .eif %endif %patch49 -p0 -b .pthtmp +%patch50 -p1 -b .mmv %patch0 -p0 -b .0 # This has to be always the same version as included in the bash its self rl1=($(sed -rn '/RL_READLINE_VERSION/p' lib/readline/readline.h))